Were you one of the 30 million Facebook users who just got a heads up that your data was compromised? If you haven't heard from Facebook yet, it doesn't necessarily mean you're in the clear. You still might want to check the Help Center to see if your info has been hit.

So just to back up a bit, on Friday, Facebook revealed that instead of the original number of 50 million, it was actually 20 million fewer. OK, that sounds better, right? Except that private, personal information is now very much in peril.

As a quick refresh: On Sept. 25, Facebook discovered a vulnerability that would let hackers get your phone number and email address, and for about 14 million people even more personal information like recent searches on the social network, your location history, religion and relationship status and the types of devices you use to access the service. In other words, more details about who you are, where you go, what you're interested in and what you use.

Now Facebook says it doesn’t know if the attackers will exploit any of the information they have accessed – its investigation is ongoing – but that data can allow the hackers or third parties to use it to create and spread spam on Facebook or off.

And here's one big concern: Identify theft is a genuine risk, too.

How paranoid should you be?

By having a general sense of where you are and what you like, the bad guys can “use that to their advantage when doing things like open new accounts, sign up for services, look more like you ultimately,” says Al Pascual, senior vice president for research and head of fraud and security at Javelin Strategy & Research.

Pascual believes, though, that larger risk comes with “phishing,” in which scammers masquerading as real financial institutions or other companies send emails and messages with sweet offers based on your interests to get you to unwittingly surrender more personal details.

That means, of course, keeping your guard up, especially if the communications you are receiving are unsolicited.

“You just need to be more skeptical, which you should already be anyway,” Pascual says. Do not open documents from unfamiliar businesses. But also be wary if you get a come-on from a company you do know but weren’t anticipating hearing from, “even if it looks like something you care about. That’s what criminals are playing on.”

You can always manually visit a site to verify a deal, but never, ever click on a suspect link. Repeat: Do not click the link that came to you in that email that just landed.

Treat emails and messages that purport to come from Facebook with equal suspicion, and check with the company if you’re not sure. Go with your gut: If something smells fishy, it probably is.

Common sense safeguards

You should practice common sense security anyway, even if such best practices may not help if you’ve been victimized by the Facebook breach. You hear it all time, but don’t use the same passwords at each place, and don’t play into a criminal’s hands by making those passwords easy to sniff out.

"People are very, very bad about following good password hygiene,” Pasqual says.

Example: It is not that hard to find the name of your pet, especially if you post pictures of her on social media. So don’t use Fluffy as your password.

You can also greatly reduce your risk by using a password manager such as Dashlane, 1Password and LastPass, essentially vaults for complex and unique passwords, that can automatically fill in passwords when you visit a financial or other website.

Another recommendation is to be careful accessing free public Wi-Fi. If possible, use a reputable VPN, or virtual private network, when communicating with your employer. And tapping into a public network isn't exactly the best time to do your online banking.

“We’ve been trained to take advantage of free Wi-Fi everywhere that we no longer even think about whether or not that stuff is safe,” Pasqual says.

Meantime, if you know you’re one of the accounts exposed by Facebook, or are scared off because of it, another viable option is a service such as LifeLock, or IdentityForce, which may help prevent identify theft before it happens, alert you if there might be an issue, or assist you on retrieving an identify that is stolen.

Of course, the very nature of a social network such as Facebook is that we reveal tons of information about ourselves on purpose: where we went to school, where we went on vacation, what our politics are or the sports teams that we root for.

Facebook deserves all the criticism it is getting for what some might deem security negligence. But in many cases, you’ll find the biggest leakers of privacy by looking at the selfie you just posted.

Posted!

A link has been posted to your Facebook feed.

Life-sized cutouts of Facebook CEO Mark Zuckerberg are placed by the advocacy group Avaaz on the lawn of the United States Capitol in Washington on April 10, 2018, ahead of Zuckerberg's appearance before a joint hearing of the Senate Judiciary Committee and the Senate Commerce, Science and Transportation Committee. Jack Gruber, USA TODAY

Facebook CEO Mark Zuckerberg arrives on Capitol Hill in Washington, April 9, 2018, to meet with Sen. Dianne Feinstein, D-Calif., the ranking member of the Senate Judiciary Committee. Zuckerberg will testify Tuesday before a joint hearing of the Commerce and Judiciary Committees about the use of Facebook data to target American voters in the 2016 election. J. SCOTT APPLEWHITE/AP

Facebook's Chairman and CEO Mark Zuckerberg will testify before Congress in wake of the controversy over the leak of users' data. This is not the first time Zuckerberg faces concerns about privacy on the popular social site. But it was prompted by news Cambridge Analytica harvested the data of tens of millions of Facebook users to sway the U.S. presidential election. Click ahead to see Zuckerberg through the years. Martin E. Klimek, USA TODAY

Lawmakers expressed anger last fall when Facebook and other social media companies sent their attorneys rather than their CEOs to testify about Russia's use of their platforms to meddle in the 2016 election. Zuckerberg only agreed to testify this week under intense pressure from Congress and continuing privacy breach revelations. Mladen Antonov

Zuckerberg launched Facebook on Feb. 4, 2004, leaving Harvard his sophomore year. Three college friends sued him, saying he siphoned their ideas to help create the platform. A settlement was reached in the matter. Steven Senne, AP

Mark Zuckerberg meets with a group of entrepreneurs and innovators during a round-table discussion at Cortex Innovation Community technology hub in St. Louis in November. Facebook said on April 5 that it has shut down a feature that let people search for users if they had their phone number or email address. Zuckerberg said the company had tried rate limiting the searches, which restricted how many searches someone can conduct at one time. But he said this was circumvented by bad actors cycling through multiple IP addresses. Jeff Roberson, AP

The 33-year-old billionaire was born on May 14th, 1984, in White Plains, N.Y. His parents, Karen and Edward, are
a psychiatrist and dentist, respectively.
He showed academic excellence early on, attending Phillips Exeter Academy and winning awards in math, science by his junior year. Even before entering Harvard he was known as programming wizkid. Martin E. Klimek, USA TODAY

Pope Francis meets Zuckerberg at the Santa Marta residence in Vatican City. Vatican spokesman Greg Burke says the two discussed how to use communication technologies to alleviate poverty, encourage a culture of encounter, and make a message of hope arrive, especially to those most in need. L'Osservatore Romano via AP

In 2016, Mark Zuckerberg and D.J. Koh, Samsung's president of mobile communications Business, met in Barcelona at the annual Mobile World Congress. The event hosts some of the world's largest communication companies, with many unveiling their latest phones and gadgets. David Ramos, Getty Images

Chinese President Xi Jinping, center, and the country's Internet chief, Lu Wei, talk with Zuckerberg during a gathering at the Microsoft campus in Redmond, Wash., in September 2015. Xi and top executives from U.S. and Chinese companies discussed a range of issues, including trade relations, intellectual property protection, regulation transparency and clean energy, according to published reports. Ted S. Warren, Getty Images

In 2012, Russia's Prime Minister Dmitry Medvedev, left, and Zuckerberg meet at the Gorki residence outside Moscow. Zuckerberg was in Moscow on a visit to stimulate innovation in Russia and to boost the social network's position in the Russian market. Yekaterina Shtukina, AFP/Getty Images

Zuckerberg speaks with France's President Nicolas Sarkozy as he leaves the presidential Elysee Palace in Paris on the closing day of the first "e-G8" summit in 2011. The e-G8 hoped to draw up a declaration for the Group of Eight Leaders who met in northwestern France on May 27 and 28, 2011, covering sensitive issues such as online copyright and censorship. Bertrand Guay, AFP/Getty Images

Mark Zuckerberg and Priscilla Chan were married in Palo Alto, Calif., on May 19, 2012. The ceremony took place in Zuckerberg's backyard before guests who all thought they were there to celebrate Chan's graduation from medical school. The couple met while attending Harvard University. Allyson Magda, AP

Zuckerberg and Chan welcomed their new daughter, Max, in 2015. The philanthropists announced they would give away 99% of their Facebook stock, worth $45 billion. The couple welcomed their second daughter in 2017. Mark Zuckerberg

Zuckerberg on a screen in Times Square moments after he rang the Opening Bell for the Nasdaq on May 18, 2012. When the social network site began trading, its 421 million shares were $38 each. Spencer Platt, Getty Images

Mark Zuckerberg's Facebook home page on Oct. 18, 2010. "The Wall Street Journal" reported many popular applications on Facebook were violating the social network's rules and transmitting identifying information about users to advertising and Internet tracking companies. The newspaper said it conducted an investigation and found that the issue affected tens of millions of Facebook application users, including people who set their profiles to be completely private. Randi Zuckerberg, the sister of co-founder Mark Zuckerberg, told reporters at a forum in Dubai on Oct. 17, 2010, that privacy was the company's top concern and it would continue to give people more controls. Karen Bleier, AFP/Getty Images

This Feb. 5, 2007, file photo shows Facebook founder Mark Zuckerberg's boyish appearance. It is a reminder of just how young he was when he created what would become the worlds biggest social network back in his dorm room at Harvard. I didn't know anything about building a company or global internet service, he wrote in January. Over the years I've made almost every mistake you can imagine. Paul Sakuma, AP